As is known, to securely transmit data from one party to another in a secured communications system, the data is encrypted using an encryption key and an encryption algorithm. Such an encryption algorithm may be a symmetric key algorithm such as the data encryption standard (DES) while the encryption key is a corresponding symmetric key. A secure transmission begins when a sending party encrypts the data using the symmetric key algorithm and the symmetric key. Once the data is encrypted, it is transmitted to the receiving party over a transmission medium (i.e., the Internet, a telephone line, a local area network, a wide area network, an Ethernet link, etc.). Upon receipt, the receiving party decrypts the data using the same symmetric key, which must be transmitted to it or derived by it using an appropriate secure mechanism.
Encrypting data using public key algorithms is somewhat more computationally expensive than using a symmetric key algorithm, but public key systems offer the advantage of requiring that only a public key (of a public, private key pair) be authenticly shared between two parties, rather than a secret key be confidentially shared as in symmetric-key systems. Thus to obtain the cost savings benefits of symmetric key encryption and the key distribution advantage of public/private key pairs, a wrapped session key is provided to the receiving party along with the encrypted data. The wrapped session key is an encrypted version of the symmetric key, where the symmetric key has been encrypted using the public key (of a public/private key pair) of the receiving party. When the receiving party receives the encrypted message, it decrypts the wrapped session key, using its private key, to recapture the symmetric key. Having recaptured the symmetric key, the receiving party utilizes it to decrypt the message. Typically, symmetric keys are used for relatively short duration (e.g., a single communication, a set number of communications, an hour, a day, a few days), while encryption public keys are often (though not necessarily) used for a longer duration (e.g., a week, a month, a year, or more).
To further enhance security of encrypted data transmissions in the secured communications system, the sending party provides its signature with encrypted messages that it transmits. The signature of the sending party consists of a tag computed as a function of both the data being signed and the signature private key of the sender. The receiving party, using the corresponding signature verification public key of the sending party, validates the signature. To ensure that the receiving party is using an authentic signature verification public key of the sending party, it utilizes the sending party's signature public key certificate, obtained from the sending party itself, from a directory, from a certification authority, or from any other available source. The signature public key certificate includes the public key of the sending party and a signature of a certification authority. The receiving party, using a trusted public key of the certification authority, verifies the signature of the certification authority on this certificate. Thus, the signature public key certificate is verified, which, in turn, allows the receiving party to trust the signature public key of the sending party to verify its signature.
As mentioned, a directory or other server/repository and/or a certification authority stores signature verification public key certificates of end-users within the communications system. End-users may also store their own certificates, for example their signature verification certificate. The directory and/or other sources may also store encryption public key certificates of the end-users. As such, any user (e.g., an end-user, a certification authority/administrator, etc.) that desires for example, to encrypt a message using the public key of another user, can access the directory to retrieve such information. If a user is preparing an outgoing message and the recipient list, (i.e., the targeted users of the message) is relatively small, e.g., less than 10, it is not too burdensome for the user to individually retrieve the encryption public key certificates from the directory. As the number of recipients increases, however, the burden of individually retrieving encryption public key certificates increases proportionally. Thus, a user formulating an outgoing message for a large number of recipients must endure the burdensome process of individually accessing a number of certificates from the directory.
To facilitate the generation of outgoing messages for a large number of recipients, a shared recipient list may be used. The shared recipient list includes the identities of each of a targeted group of recipients. Typically, a targeted group of recipients is grouped based on functionality of the end-users, where each targeted group of recipients is listed in a separate shared recipient list. For example, a company may create a shared recipient list for its accounting department, finance department, marketing department, engineering department, etc, even when the recipients are at different locales. Thus, for an end-user to create an outgoing message for a department of the company, the end-user can create the message and select the appropriate shared recipient list. The end-user's computer, via an encryption software program or process utilizes the shared recipient list lo retrieve the encryption public key certificates of the recipients identified in the list. The end-user's computer retrieves the certificates from a directory or a plurality of directories. If the computer does not have access to the directory, or to one of the directories, it cannot retrieve the corresponding certificate(s). Thus, the outgoing message cannot be completely prepared until the computer has access to all necessary certificates.
If the end-user does not have access to a directory, it may obtain the needed certificates from another end-user, possibly a priori in anticipation of this circumstance. While this approach allows the end-user to obtain a certificate of other end-users, it is done on a user-by-user basis. As such, it could be a quite burdensome process to obtain the certificates in this manner
Therefore, a need exists for a method and apparatus that extends secure communication operations by obtaining trustworthy certificates from end-users that maintain a shared list.